Forgot password
Enter the email address you used when you joined and we'll send you instructions to reset your password.
If you used Apple or Google to create your account, this process will create a password for your existing account.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Reset password instructions sent. If you have an account with us, you will receive an email within a few minutes.
Something went wrong. Try again or contact support if the problem persists.

Codemasters Hacked

This article is over 13 years old and may contain outdated information
image

U.K.-based publisher Codemasters is warning that its site has been hacked and data belonging to thousands of users has potentially been lost.

You may have noticed over the past couple of days that codemasters.com no longer leads to the Codemasters website but instead now points to the company’s Facebook page. The reason is simple: in the wake of an attack that took place on June 3, the site was pulled down and won’t be back until it’s completely overhauled and relaunched, sometime later this year. Codemasters informed its customers of the attack in an email that went out this morning.

Dear valued Codemasters customer,

On Friday 3rd June, unauthorized entry was gained to our Codemasters.com website. As soon as the intrusion was detected, we immediately took codemasters.com and associated web services offline in order to prevent any further intrusion.

During the days since the attack we have conducted a thorough investigation in order to ascertain the extent and scope of the breach and have regrettably discovered that the intruder was able to gain access to the following:

Codemasters.com website

Access to the Codemasters corporate website and sub-domains.

DiRT 3 VIP code redemption page

Access to the DiRT 3 VIP code redemption page.

The Codemasters EStore

We believe the following have been compromised: Customer names and addresses, email addresses, telephone numbers, encrypted passwords and order history. Please note that no personal payment information was stored with Codemasters as we use external payment providers, meaning your payment details were not at risk from this intrusion.

Codemasters CodeM database

Members’ names, usernames, screen names, email addresses, date of birth, encrypted passwords, newsletter preferences, any biographies entered by users, details of last site activity, IP addresses and Xbox Live Gamertags are all believed to have been compromised.

Whilst we do not have confirmation that any of this data was actually downloaded onto an external device, we have to assume that, as access was gained, all of these details were compromised and/or stolen.

The Codemasters.com website will remain offline for the foreseeable future with all Codemasters.com traffic re-directed to the Codemasters Facebook page instead. A new website will launch later in the year.

Advice

For your security, in the first instance we advise you to change any passwords you have associated with other Codemasters accounts. If you use the same login information for other sites, you should change that information too. Furthermore, be extra cautious of potential scams, via email, phone, or post that ask you for personal or sensitive information. Please note that Codemasters will never ask you for any payment data such as credit card numbers or bank account details, nor will Codemasters ask you for passwords or other personal identifying data. Be aware too of fraudulent emails that may outwardly appear to be from Codemasters with links inviting you to visit websites. The safest way to visit your favorite websites is always by typing in the address manually into the address bar of your browser.

Unfortunately, Codemasters is the latest victim in on-going targeted attacks against numerous game companies. We assure you that we are doing everything within our legal means to track down the perpetrators and take action to the full extent of the law.

We apologize for this incident and regret any inconvenience caused.

We are contacting all customers who may have been affected directly.

What’s less clear at this point is whether this hack is related in any way to the attack that took place on May 20, in which encrypted user data was stolen and posted online. In that case, Codemasters pulled its site for a few hours, plugged a security hole and then put it back online after ensuring that all stolen data had been encrypted.

It would seem to be a separate attack [we’re waiting for confirmation of that] which leads to the obvious question of, why? With all due respect to Codemasters, we’re not exactly talking about one of the industry heavyweights here, so what’s it done to attract this kind of unwelcome attention? Is it just an easy target, or is somebody really holding on to a grudge over that whole Clive Barker’s Jericho thing?

Recommended Videos

The Escapist is supported by our audience. When you purchase through links on our site, we may earn a small affiliate commission.Ā Learn more about our Affiliate Policy